Audit log of all changes made to User Management service

[nycnewman]

I confirm that, if this is a feature request that has security implications, I already contacted [email protected] and followed the responsible disclosure policy.

I confirm that this is not a question or a request for technical support by the community, for which the Daml forum is available.

What is the problem you want to solve?

All security authentication / authorization changes to a participant node should be logged so that tehse can be forwarded to a SIEM or equivalent security logging / auditing service. This is a mandatory requirement for most large enterprises so that changes to pmerissions in the system can be reviewed and used in forensic investigations.

Enter here a clear and concise description of what the problem is.

All changes made to users, parties and associated mappings in User Manager are logged in a format that simplifies forward and ingest into a SIEM. Log entries should show date/time, user making changes, changes being made and outcome (success/failure).

What is the solution you would propose?

Add here a clear and concise description of what you want to happen.

User Manager CLI/API/UIs log all changes

Describe alternatives you've considered

Enter here a clear and concise description of any alternative solutions or features you've considered.

Additional context

Add here any additional context about the feature request.